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DETAILED ACTION 

1. This application has been examined. Claims 1-10 are 
pending . 

Priority 

2. Acknowledgment is made of applicant's claim for foreign 
priority based on an application filed in Canada on 03/01/2000. 
It is noted, however, that applicant has not filed a certified 
copy of the application as required by 35 U.S.C. 119(b) . 

Double Patenting 

3. The nonstatutory double patenting rejection is based on a 
judicially created doctrine grounded in public policy (a policy 
reflected in the statute) so as to prevent the unjustified or 
improper timewise extension of the "right to exclude" granted by 
a patent and to prevent possible harassment by multiple 
assignees. See In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 
(Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. 
Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 
1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970) ;and. 
In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969). 

A timely filed terminal disclaimer in compliance with 37 
CFR 1.321(c) may be used to overcome an actual or provisional 
rejection based on a nonstatutory double patenting ground 
provided the conflicting application or patent is shown to be 
commonly owned with this application. See 37 CFR 1.130(b). 

Effective January 1, 1994, a registered attorney or agent 
of record may sign a terminal disclaimer. A terminal disclaimer 
signed by the assignee must fully comply with 37 CFR 3.73(b). 

Claims 1-10 are provisionally rejected under the judicially 
created doctrine of obviousness -type double patenting as being 
unpatentable over claims 1-10 of copending Application No. 



09/926438 .Although the conflicting claims are not identical. 
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they are not patentably distinct from each other because the 
only difference between the two pending applications is a minor 
wording variation, omission of limitations and other minor 
differences, which do not change the scope of the invention 



whatsoever . 



Claimed invention SN: 09/926,439 


SN: 09/926.438 (US 20030051038 A1) 


1. A network resource access system for providing network 
terminals with access to network resources over a network, 
the network resource access system comprising: 

a resource registry including resource records associated 
with the network resources, the resource records defining N 
at least a resource type for each said network resource; a 
driver database including resource driver applicatioas 
for the network resources; and an authorization server foK 
facilitating communication between the network terminals \ 
and the networi< resources, the authorization server being 
in communication with the resource registry and the driver 
database for providing the driver applications to the 
network terminals in accordance with the resource records. 


1 . A network resource control system for facilitating 
communication between networi< tenninals and network 
resources over a network, the network resource control 

^vQfpm *vimnri<;inn' 
ojroidii 1 loii iv^i 

^ a resource registry including resource records assodated 
\vith the network resources, the resource records defining 
at least a user access level for each said network resource; 
an authorization server in communication with the resource 
registry for controlling networi^ access to the networic 
^resources by the network terminals in accordance with the 
i^source records; and an administration server in 
communication with the resource registry for providing 
comrolled access to the resource records. 


2. The network resource access system according to claim 
1 , wherein each said network temninal has an associated 
terminal configuration, and the resource records include a 

user access level, and the authorization server is 

configured to receive from one of the networic terminals a 
request to communicate with one of the network resources, 
to provide the one network terminal with the network driver 
application associated with the one network resource in 
accordance with a con-espondence between the temiina! 
configuration of the one networi^ temninal and the user 
access level associated with the one network resource. 


2, The network resource control system according to claim 
1, wherein ihe resource records define at least resource 
configurationsdata for each said network resource, and 
^ach said networi< temninal has an associated temninal 
configuration, and the authorization server is configured to 
receive from one of the networi< terminals a request for 
access to one of theynetwork resources, and to configure 
the one terminal for communication with the one network 
resource in accordance^th a correspondence between 
the terminal configurationvof the one network terminal and 
the resource configuration ciata and the user access control 
data associated with the one^etwori< resource. 


3. The network resource access system according to claim 
2, wherein the resource records define a network address 
associated with each said network resource, and the 


3. The networi< resource control sy^m according to claim 
2. wherein the authorization server t^confiaured to provide 
^the one terminal with a network resource driver for 


authorization server is configured to configure the 
associated driver application with the respective networi< 
address. 


""communication with the one network resource in 
accordance with the correspondence. 


4. The networtc resource access system according to claim 
3, wherein the authorization server is configured to 
establish a secure communications channel with the one 
network temninal, and to provide the associated driver 
application with the respective network address over the 
secure communications channel. 


4. The network resource control system according to claim 
1 , wherein the resource records are configured for access 
by respective administrators of the networi< resources, and 
the administration server is configured to receive from one 
of the network administrators a request for access to one of 
the resource records with user access control data, to 
verify authorization for the access from the access 
configuration associated with the one resource record, and 
to update the one resource record with the user access 
control data in accordance with the verification. 
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5. A method for providing network terminals with access to 
network resources over a network, the method comprising 
the steps of: receiving a request from one of the network 

temiinals for communication with one of the networi^ ^ 

resources; obtaining resource configuration data \ 
associated with the one network resource; and facilitating 
communication between the one network temninal and tne 
one network resource in accordance with a \ 
correspondence between the resource configuration data\ 
and user configuration data associated with the one \ 
networt< terminal. \ 


5. A method for facilitating communication between 
networi< temiinals and networi< resources over a network, 
the method comprising the steps of: providing a resource 
registry including resource records associated with the 
networt^ resources; receiving user access control data from 
administrators of the network resources for incorporation 
Into the resource records; and in accordance with the user 
access control data, configuring the network terminals for 
communication with the networi< resources. 


6. The method according to claim 5, wherein the i 
communication facilitating step comprises providing the 
one network terminal with a network driver application for 
communication with the one network resource in 
accordance with the correspondence. 


6. The method according to claim 5, wherein the resource 
\ records define at least resource configuration data for each 
^aid network resource, and each said network terminal has 
an associated tenninal configuration, and the temninal 
configuring step comprises the steps of receiving from one 
of the network terminals a request for access to one of the 
network resources, and configuring the one terminal for 
communication with the one network resource in 
accordance with a correspondence between the temninal 
configuration of the one networi^ terminal and the resource 
configuration data and the user access control data 
associated with the one networi< resource. 


7. The method according to claim 6, wherein the resource 
configuration data includes a network address associated 
with the one network resource, and the communication 
facilitating step comprises configuring the networi< driver 
application with the network address. 


^7. The method according to claim 6, wherein the step of 
configuring the one temninal comprises providing the one 
tenninal with a network resource driver for communication 
with the one network resource in accordance with the 
con-espondence. 


8. The method according to claim 7, wherein the 
communication facilitating step comprises the steps of 
establishing a secure communications channel with the 
one network temninal, and providing the driver application 
with the network address over the secure communications 
channel. 


8. The method according to claim 5, wherein each said 
resource record is configured for access by one of the 
network administrators, and the control data receiving step 
comprises the steps of receiving from one of the networi< 
administrators a request for access to one of the resource 
records, verifying authorization for the access from the 
access configuration associated with the one resource 
record, and updating the one resource record in 
accordance with the verification. 


9. The method according to claim 6, wherein each said 
network terminal has an associated terminal configuration, 
and the resource configuration data includes a user access 
level, and the communication facilitating step comprises 
providing the network driver application in accordance with 
a correspondence between the terminal configuration of 
the one network tenninal and the user access level 
associated with the one network resource. / 


7 


10. The method according to claim 5. wherein the step of/ 
obtaining resource configuration data comprises the steps 
of receiving from a network administrator of the one 
network resource the resource configuration data together 
with a request to provide the resource configuration data, 
verifying authorization to provide the configuration data, 
and storing the received configuration data in accordance 
with the verification. 
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This is a provisional obviousness -type double patenting 
rejection because the conflicting claims have not in fact been 
patented. 



Claim Rejections - 35 USC § 102 

4. The following is a quotation of the appropriate paragraphs 
of 35 U.S.C. 102 that form the basis for the rejections under 
this section made in this Office action: 

A person shall be entitled to a patent iinless - 

(e) the invention was described in (1) an application for patent, piablished 
under section 122(b), by another filed in the United States before the 
invention by the applicant for patent or (2) a patent granted on an 
application for patent by another filed in the United States before the 
invention by the applicant for patent, except that an international 
application filed under the treaty defined in section 351(a) shall have the 
effects for purposes of this subsection of an application filed in the 
United States only if the international application designated the United 
States and was published under Article 21(2) of such treaty in the English 
language . 

5. Claims 1-10 are rejected under 35 U.S.C. 102(e) as being 
anticipated by Grantges (U.S. Patent Number 6,324,648). 

As per claim 1, a resource registry including resource 
records associated with the network resources, the resource 
records defining at least a resource type for each said network 
resource; (See Figures 1, 6 & 7, Column 7 Line 38 through Column 
8 Line 14 : Grantges disclosed resource and users information 
registry (authorization server, information security and 



certificate authority) describing information associated with the 



Application/Control Number: 09/926,439 Page 6 

Art Unit: 2144 

client terminal requesting access of the resource and information 
associated with the resources logically located at the secured 
private network) a driver database including resource driver 
applications for the network resources ; (See Column 9 Lines 9-35, 
Column 10 Lines 33-54: Grantges disclosed an authorization server 
storing identifier for the resource applications protected by a 
firewall in the private network) and an authorization server for 
facilitating coimnuni cation between the network terminals and the 
network resources, the authorization server being in 
communication with the resource registry and the driver database 
for providing the driver applications to the network terminals in 
accordance with the resource records, (See Figures 1, 6 & 7, 
Column 7 Lines 28-62 and Column 9 Lines 9-14: Grantges taught an 
Authorization server establishing a communication between a user 
using a client network and a network resource according to the 
resource information^ record describing the client network and the 
resource network and authenticating the user requesting the 
network resource and the information of the resource application 
information by providing an ''options page" having therein access 
to the resources allowing the user at the client network to 
select a resource application to gain access of the network 
resource) . 
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As per claim 5, receiving a request from one of the network 
terminals for communication with one of the network 
resources; {See Figures 1,2,7 and Column 14 Lines 53-67: Qrantges 
disclosed receiving a request from a client terminal over 
insecure global network such as the Internet) obtaining resource 
configuration data associated with the one network resource; and 
facilitating communication between the one network terminal and 
the one network resource in accordance with a correspondence 
between the resource configuration data and user configuration 
data associated with the one network terminal. (See Column 10 
Lines 6-11: Grantges disclosed configuration information of the 
user at the client terminal and the configuration information of 
the network resource applications located at the secured 
enterprise network, using both information an authorization 
server authenticating a user at the client side to access the 
secured network resources establishing a communication channel 
accordingly) . 

As per claims 2, 6 and 9, wherein each said network teirminal 
has an associated terminal configuration, (Since the teachings of 
Grantges did teach a client terminal been authenticated to have 
access to the resources located in a secured enterprise network, 
the network terminal to have a configuration was inherently 
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disclosed) and the resource records include a user access level , 
and the authorization server is configured to receive from one of 
the network terminals a request to communicate with one of the 
network resources, (See Column 7 Lines 49-58: Qrantges disclosed 
multiple access levels and where the authorization server 
receiving access request from the client terminal and providing 
access according to the access level of a specific terminal 
demanding access of the network resources ) to provide the one 
network terminal with the network driver application associated 
with the one network resource in accordance with a correspondence 
between the terminal configuration of the one network terminal 
and the user access level associated with the one network 
resource . (See Column 7 Lines 49-58, Column 8 Lines 53-65 and 
Column 9 Lines 9-30: Grantges disclosed an authorization server 
providing the client terminal with "driver" application where the 
driver is logically looked as a method of providing access to the 
requested resources in an enterprise network and allowing a 
selection to be made by the client at the client terminal to 
access the resources accordingly) . 

As per claims 3 and 7, wherein the resource records define a 
network address associated with each said network resource, and 
the authorization server is configured to configure the 
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associated driver application with the respective network 
address. (See Figures 1, 4B, 7 and Column 10 Lines 32-54: 
Grantges disclosed an authorization server and URL (Uniform 
Resource Locator) associated with the resource applications 
identifier facilitating the access control between the client 
terminal and the network resources) . 

As per claims 4, 8, and 10, wherein the authorization 
server is configured to establish a secure coimunications 
channel with the one network terminal, and to provide the 
associated driver application with the respective network 
address over the secure communications channel. (See Figures 1- 
4, 7 and Column 9 Lines 9-34, Column 12 Line 50 through Column 
13 Line 42: Grantges disclosed a client network terminal 
logically located on the insecure network establishing a secured 
communication channel with the proxy servers and the 
authorization server through the proxy means in providing the 
driver applications "options page" (See Column 15 Lines 44-51) 
to the user at the client network terminal to select and access 
the application resource in the secured enterprise network. 
Grantges further disclosed an administration interface on the 
authorization server facilitating the authentication of the 
configuration content from the resource storage of the client 
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and the network resource and performing the content access 
control according the verification information (claim 10) . See 
Column 7 Lines 49-58. 



6. The prior art made of record (Form PTO-892) and not relied 
upon is considered pertinent to Applicant's disclosure. 

7. Any inquiry concerning this communication or earlier 
communication from the examiner should be directed to Yemane 
Gerezgiher whose telephone number is (571) 272-3927, The 
examiner can normally be reached on Monday- Friday from 9:00 AM 
to 6:00 PM. 

If attempts to reach the examiner by telephone are 
unsuccessful- The examiner's supervisor, William Cuchlinski, 
can be reached at (571) 272-3925. 



Conclusion 





WILLIAM A. CUCHLINSKI, JR. 
SUPERVISORY PATENT EXAMINER 
TECHNOLOGY CENTER 21500 



